Announcement

Collapse
No announcement yet.

Mod Security errors?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • [Forum] Mod Security errors?

    I have been receiving complaints about users having their IP's banned at my server.

    After many discussions with the server folk, we've come to the conclusion that mod security is blocking them when they try to post simple things...such as "Free Tickets"

    If you post that on my forum, you will receive a forbidden error. Do this five times and your IP is banned.

    Here is what my server folks had to say....would love to hear this side of the story.

    "Free Tickets" was blocked for a combination of two reasons. One)
    The word "Free". Two) The functioning of the posting program has an
    internal value, one or more of many possible, that resembles a common security
    vulnerability. In other words, "Free Tickets" is being blocked due
    to the CMS programmers' unfamiliarity with Mod_security. Most of the
    "500" errors you'll personally see will be the result of
    inexperienced programmers.
    Thanks

  • #2
    /usr/local/spamlist.txt

    does removing "free" from the above file help

    Comment


    • #3
      Hmmm...I don't have access to that...

      It's more than that as well. There is something with the "..." that Vbulletin uses in pagination that is triggering mod security as well.

      "Access denied with code 403 (phase 2). Pattern
      match "\.\.\.\./" at REQUEST_URI. [file
      "/usr/local/apache/conf/turtle-rules/10_asl_rules.conf"]"

      Comment

      widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
      Working...
      X